ASR AI Security Radar
Methodology Recent Incidents Get Notified

Back to incidents

AI security incident: Wildfly Elytron integration susceptible to brute force attacks via CLI (GHSA-qhp6-6p8...

Incident date: February 13, 2026 | Published: February 25, 2026 | Source: GitHub Security Advisory | Classification confidence: 45%

This incident is part of the public archive. AI-specific signals are limited in the current source material, so source citations should be reviewed closely during triage. Review methodology.

Impact A flaw was found in Wildfly Elytron integration. The component does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it more susceptible to brute force attacks via CLI. ### Patches The default behaviour has been changed in WildFly Core 31.0.3.Final, and 32.0.0.Beta3 - the first version is used by WildFly 39.0.1.Final and the second will be included in WildFly 40. ### Workarounds No direct workaround. Monitoring network traffic / blocking suspicious traffic may help. ### References https://www.cve.org/CVERecord?id=CVE-2025-23368 https://issues.redhat.com/browse/WFCORE-7192 ### Acknowledgements We would like to thank Claudia Bartolini (TIM S.p.A), Marco Ventura (TIM S.p.

Why This Is AI-Related

This advisory is part of the public incident archive, but the current source material uses limited explicit AI terminology, so the cited sources should be reviewed carefully when judging AI relevance and exposure.

  • Explicit AI-specific signals are limited in the current source material, so use the cited advisory to validate scope during triage.

Affected Workflow

Review the AI product, dependency, and integration points mentioned in the source advisory before broadening remediation.

Likely Attack Path

The advisory indicates a security path that can affect AI applications, assistants, models, or connected automation workflows if the component is deployed.

Impact

The advisory has meaningful security implications for an AI-related product, dependency, or workflow and should be triaged against deployed usage. Severity HIGH. Classification confidence 45%. Source channel GHSA.

Detection And Triage Signals

  • New security events tied to the affected component or advisory identifier
  • Changes in AI workflow behavior, access logs, or plugin execution after the advisory window
  • Evidence that the vulnerable version is active in environments that process sensitive data

Recommended Response

  • Confirm whether affected products, models, or integrations are used in your environment.
  • Apply vendor fixes or mitigations and restrict risky permissions until verified.
  • Monitor logs for related indicators and document containment for audit evidence.

Compliance And Business Impact

Even when exploit details are still emerging, delayed triage can widen operational and compliance exposure around AI systems.

Sources

Want alerts like this in real time?

Get notified with incident context, likely impact, and response guidance.

Get Notified

More incidents